Unrated severityNVD Advisory· Published May 12, 2005· Updated Apr 16, 2026
CVE-2005-1532
CVE-2005-1532
Description
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.
Affected products
36cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.5:alpha:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.5:rc1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.5:rc2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.6:alpha:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.6:beta:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7:alpha:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7:beta:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7:rc1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7:rc2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txtnvd
- secunia.com/advisories/19823nvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- www.mozilla.org/security/announce/mfsa2005-44.htmlnvd
- www.novell.com/linux/security/advisories/2006_04_25.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-434.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-435.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-601.htmlnvd
- www.securityfocus.com/bid/13645nvd
- www.securityfocus.com/bid/15495nvd
- www.vupen.com/english/advisories/2005/0530nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100014nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10791nvd
News mentions
0No linked articles in our index yet.